Search Results

Search found 9318 results on 373 pages for 'django authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 155/373 | < Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162  | Next Page >

  • Why would the 'show processlist' command speed up normally slow requests to my remote DB? (connected via VPN)

    - by Hakan B.
    I am running a local Django development server that connects to a remote MySQL server via a VPN (IPSec). Request times are awfully slow and I consistently see timeouts. Attempting to diagnose the problem, I logged in to the remote database and ran: show full processlist Immediately, the local server went from idle to working. The page had not yet completely loaded, but progress had been made (debug logs confirm this). When I ran 'show full processlist' several times more in succession, the request completed quickly. I can currently reproduce this - unless I run 'show full processlist' over and over on the remote server, my local request usually times out. Does anyone have any idea why this would happen? I'm running Django 1.3 and OS X 10.7. Note: I realize this may be entirely not be a question with a clear-cut answer and is probably my fault, but it is odd and reproducable, so I hope someone can at least point me the right direction. Thanks in advance.

    Read the article

  • How to get roles with JSR 196 authentification in GlassFish?

    - by deamon
    I want to use a custom authentication module conforming to JSR 196 in GlassFish 3. The interface javax.security.auth.message.ServerAuth has the method: AuthStatus validateRequest( MessageInfo messageInfo, javax.security.auth.Subject clientSubject, javax.security.auth.Subject serviceSubject ) AuthStatus can be one of several constants like FAILURE or SUCCESS. The question is: How can I get the roles from a "role datebase" with JSR 196? Example: The server receives a request with a SSO token (CAS token for example), checks whether the token is valid, populates the remote user object with roles fetches from a database via JDBC or from REST service via http. Is the role fetching in the scope of JSR 196? How could that be implemented? Do I have to use JSR 196 together with JSR 115 to use custom authentication and a custom role source?

    Read the article

  • ASP.Net MVC ReturnUrl Practice

    - by Terry
    I have a question about the returnUrl querystring parameter that is appended by ASP.Net when attempted to hit a page that requires authentication. In looking at Microsoft NerdDinner Sample's LogOn action (along with every other 'sample authentication code' I see on the 'net), it just has the ReturnUrl parameter declared in the action's signature and uses it directly in a Redirect() call. However, back in the WebForms days and using Membership Controls, we use to use the FormsAuthentication.GetReturnUrl() call. Besides returning the 'default url' if no url was specified in the querystring, it also does a few security checks (Cross App Redirect and 'IsDangerousUrl()'). Are those no longer a concern or are all the sample 'log on' actions I'm seeing all over the 'net just ignoring those issues?

    Read the article

  • Amazon EC2: Not able to open web application even if port it opened

    - by learner
    I have a t1.micro instance with public dns looks similar to ec2-184-72-67-202.compute-1.amazonaws.com (some numbers changed) On this machine, I am running a django app $ sudo python manage.py runserver --settings=vlists.settings.dev Validating models... 0 errors found Django version 1.4.1, using settings 'vlists.settings.dev' Development server is running at http://127.0.0.1:8000/ I have opened the port 8000 through AWS console Now when I hit the following in Chrome http://ec2-184-72-67-202.compute-1.amazonaws.com:8000, I get Oops! Google Chrome could not connect to WHat is that I am doing wrong?

    Read the article

  • Any working tutorials for Authlogic?

    - by Mark Wilbur
    I've been trying to build my first rails app and have gotten stuck on the issue of user authentication. I've found a number of tutorials for using various plug-ins to do this, but so far every single one of them is out-dated, and as a result, broken! From what I've read, I think Authlogic may be the best fit for me, and I've tried two things: 1) Going through Railscast, episode #160 (which is a tutorial for setting it up) 2) Using Ryan B's nifty_authentication gem with the --authlogic tag In both cases, I get the following error as soon as I try to do anything with a user: undefined local variable or method `acts_as_authentic' for # I believe this is from the User model: class User < ActiveRecord::Base acts_as_authentic end I'm sure I've installed the authlogic gem, and I've added config.gem "authlogic" to my environment.rb Any ideas about what's wrong? Anybody know of a complete and up to date tutorial for adding user authentication?

    Read the article

  • Retrieving WSDL file from secure service

    - by Anonimo
    I have a Web Service developed with JAX-WS. I have secured the web service with BASIC authentication configured in Tomcat. When I try to access the web service using a Java client, I first need to create the port, and then specify the credentials, as follows: CustomerServiceClient customerServiceClient = new CustomerServiceBottomUpService(); //1 CustomerService customer = customerServiceClient.getCustomerServicePort(); //2 Map<String, Object> context = ((BindingProvider) customer).getRequestContext(); //3 context.put(BindingProvider.USERNAME_PROPERTY, "kermit"); //4 context.put(BindingProvider.PASSWORD_PROPERTY, "thefrog"); //5 The problem I have is that, after line 1, I get an Authorization error (HTTP 401) as I obviously haven't provided the server with the credentials yet. I am creating the client artifacts from a server WSDL, hence the authentication problem when creating the service, and don't want my clients to store the WSDL locally as it's just annoying for them. How can I get around this problem?

    Read the article

  • Jersey, Apache HTTPD, and javax.annotation.security usage

    - by Nick Klauer
    So I'm having a heck of a time trying to piece together what I think is a pretty simple implementation. This is very similar to another StackOverflow question only I can't leverage Tomcat to handle role based authentication. I have an Apache httpd server in front of my app that handles authentication and then passes LDAP roles to a Jersey service through Headers. I've created a servlet filter to parse the header and tease out the roles the request came from, which works fine globally to the app, but isn't fine-grained enough to dictate what an Admin could do that a User could not. I'm thinking I could use the javax.annotation.security annotations that JAX-RS supports, but I don't know how to take what I've parsed out using a servlet filter to set or instantiate the SecurityContext necessary for the roles @RolesAllowed.

    Read the article

  • SSHing into EC2 instance fails - -v details below!

    - by ming yeow
    Hi folks! I created a new ec2 instance, but i am unable to ssh in with the key i normally use with my other instances. The -v details are below. Thanks! debug1: Host 'dbl01' is known and matches the RSA host key. debug1: Found key in /Users/mingyeow/.ssh/known_hosts:26 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering public key: /Users/mingyeow/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/mingyeow/.ssh/identity debug1: Trying private key: /Users/mingyeow/.ssh/id_dsa debug1: No more authentication methods to try. Permission denied (publickey).

    Read the article

  • One of my apache processes is huge - how can I find out why?

    - by Malcolm Box
    I'm running Apache 2.2.12 with mod_wsgi, hosting a Django site. Most of the apache child processes weigh in at about 125MB RSS, but occasionally I see one child balloon to 1GB RSS. At this point there's usually 1 huge process (1GB), a couple of large ones (500MB) and the rest are still ~125MB. These are the mod_wsgi daemon processes. I've tried using memory leak tracing in Python to see if it's the Django code, and I see no leaks. Looking in the logs doesn't show any particularly strange requests. I'm stumped on how to figure out what's causing this - any ideas? Also, any workaround ways to kill the large apache process when it gets too big, without bringing apache down? Some more details: Not using mod_php Using pre-fork

    Read the article

  • WNA Configuration in OAM 11g

    - by P Patra
    Pre-Requisite: Kerberos authentication scheme has to exist. This is usually pre-configured OAM authentication scheme. It should have Authentication Level - "2", Challenge Method - "WNA", Challenge Direct URL - "/oam/server" and Authentication Module- "Kerberos". The default authentication scheme name is "KerberosScheme", this name can be changed. The DNS name has to be resolvable on the OAM Server. The DNS name with referrals to AD have to be resolvable on OAM Server. Ensure nslookup work for the referrals. Pre-Install: AD team to produce keytab file on the AD server by running ktpass command. Provide OAM Hostname to AD Team. Receive from AD team the following: Keypass file produced when running the ktpass command ktpass username ktpass password Copy the keytab file to convenient location in OAM install tree and rename the file if desired. For instance where oam-policy.xml file resides. i.e. /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Configure WNA Authentication on OAM Server: Create config file krb.config and set the environment variable to the path to this file: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf The variable KRB_CONFIG has to be set in the profile for the user that OAM java container(i.e. Wbelogic Server) runs as, so that this setting is available to the OAM server. i.e. "applmgr" user. In the krb.conf file specify: [libdefaults] default_realm= NOA.ABC.COM dns_lookup_realm= true dns_lookup_kdc= true ticket_lifetime= 24h forwardable= yes [realms] NOA.ABC.COM={ kdc=hub21.noa.abc.com:88 admin_server=hub21.noa.abc.com:749 default_domain=NOA.ABC.COM [domain_realm] .abc.com=ABC.COM abc.com=ABC.COM .noa.abc.com=NOA.ABC.COM noa.abc.com=NOA.ABC.COM Where hub21.noa.abc.com is load balanced DNS VIP name for AD Server and NOA.ABC.COM is the name of the domain. Create authentication policy to WNA protect the resource( i.e. EBSR12) and choose the "KerberosScheme" as authentication scheme. Login to OAM Console => Policy Configuration Tab => Browse Tab => Shared Components => Application Domains => IAM Suite => Authentication Policies => Create Name: ABC WNA Auth Policy Authentication Scheme: KerberosScheme Failure URL: http://hcm.noa.abc.com/cgi-bin/welcome Edit System Configuration for Kerberos System Configuration Tab => Access Manager Settings => expand Authentication Modules => expand Kerberos Authentication Module => double click on Kerberos Edit "Key Tab File" textbox - put in /fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/keytab.kt Edit "Principal" textbox - put in HTTP/[email protected] Edit "KRB Config File" textbox - put in /fa-gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Cilck "Apply" In the script setting environment for the WLS server where OAM is deployed set the variable: KRB_CONFIG=/fa_gai2_d/idm/admin/domains/idm-admin/IDMDomain/config/fmwconfig/krb.conf Re-start OAM server and OAM Server Container( Weblogic Server)

    Read the article

  • How to propagate spring security login to EJBs?

    - by tangens
    Context I have a J2EE application running on a JBoss 4.2.3 application server. The application is reachabe through a web interface. The authentication is done with basic authentication. Inside of the EJBs I ask the security context of the bean for the principal (the name of the logged in user) and do some authorization checks if this user is allowed to access this method of the EJB. The EJBs life inside a different ear than the servlets handling the web frontend, so I can't access the spring application context directly. Required change I want to switch to Spring Security for handling the user login. Question How can I propagate the spring login information to the JBoss security context so I can still use my EJBs without having to rewrite them? Ideas and links I already found a page talking about "Propagating Identity from Spring Security to the EJB Layer", but unfortunatelly it refers to an older version of Spring Security (Acegi) and I'm not familiar enough with Spring Security to make this work with the actual version (3.0.2).

    Read the article

  • Is there any way to isolate the python2.7 , mod_wsgi installation from main environment

    - by user31
    I have many local virtual machines for building the django websites. I find it very hard to configure all the machines with mod_wsgi , python and all that installation issues. Is there any way that i can install even python 2.7 , mod_wsgi etc and all that inside the virtual environment folder so that i can just copy paste that folder in my live server and i don't need to mess with mos_wsgi , python 2.7 and other issues. Is it possible or even any close variation of that so that puting the site to live servers is very easy and everything which is needed by site should be included locally I also face many problems when i need to move the django sites across servers

    Read the article

  • zend framework 2 autentification using DbTable failure

    - by josepmra
    I have followed the zend instructions for implement my web Authentication using a database table. It's exactly the same code, but when render the page, the following exceptions appears: Zend\Authentication\Adapter\Exception\RuntimeException File: C:\xampp\htdocs\pfc\vendor\ZF2\library\Zend\Authentication\Adapter\DbTable.php Mensaje: The supplied parameters to DbTable failed to produce a valid sql statement, please check table and column names for validity. produced by this other: Zend\Db\Adapter\Exception\InvalidQueryException File: C:\xampp\htdocs\pfc\vendor\ZF2\library\Zend\Db\Adapter\Driver\Mysqli\Statement.php Mensaje: Statement couldn't be produced with sql: SELECT `users`.*, (CASE WHEN `password` = ? THEN 1 ELSE 0 END) AS `zend_auth_credential_match` FROM `users` WHERE `mail` = ? Seems to be that Statement.php can not execute the sql of above, but I send the sql by phpmyadmin replacing the ? for strings and work ok. I am sure that $dbAdapter works ok also because I have tested it and the columns name are "mail" and "password". This in my code, also I put the $dbAdapter test code. $dbAdapter = new DbAdapter(array( //This DbAdapter Work ok sure!! 'driver' => 'Mysqli', 'database' => 'securedraw', 'username' => 'root', 'password' => '' )); $fp = function($name) use ($dbAdapter) { return $dbAdapter->driver->formatParameterName($name);}; $sql = 'SELECT * FROM ' . $qi('users') . ' WHERE id = ' . $fp('id'); $statement = $dbAdapter->query($sql); $parameters = array('id' => 1); $sqlResult = $statement->execute($parameters); $row = $sqlResult->current(); $mail = $row['mail']; $password = $row['password']; //until here test $dbAdapter exitly!! //Start the auth proccess!! $authAdapter = new AuthDbTableAdapter($dbAdapter); $authAdapter->setTableName('users') ->setIdentityColumn('mail') ->setCredentialColumn('password'); $authAdapter->setIdentity('josep') ->setCredential('josep'); $authResult = $authAdapter->authenticate(); //This is the fail method!!!

    Read the article

  • Sometimes my urls get masked with the IP address instead of the domain

    - by user64631
    I have a server with one A record that points to my IP address. I have nginx with gunicorn as a prefork which goes to my django application For most of my pages, the URL is always my domain name in the url bar. However if I go to mydomain.com/admin the url magically transforms into x.x.x.x/admin in the url bar of my browser. I thought that was weird but I ignored it figuring it only happened for admin so it wasnt that big of a deal. Then I installed django-registration. So when I go to mydomain.com/accounts/register the url is still mydomain.com/accounts/register in the url bar. but when I submit a form, the POST request goes to x.x.x.x/accounts/register which creates a cross domain error. So I decided that it wasnt isolated to the admin and I really need to fix what is going on. I have no idea what is going on and am completely lost.

    Read the article

  • Accessing resources on localhost using domain credentials

    - by jas
    I'm trying to set up Team Foundation Server 2010, Sharepoint Server 2010 and Report Server 2008R2. I apologize for how long my question/problem is but I'm really lost on where to even look so am being as descriptive as possible in hopes that I'm making sense. The goal: Since developers can be inside or outside the firewall there needs to be a single http point of entry to TFS that works regardless of which side of the firewall you are and needs to work with external access to SharePoint and Report Server. Meaning we have it set up in DNS so buildserver.mydomain.com: points to the build service box which contains all of the services listed at the top of this post and specific services are defined/located by the port number. This is working great on every machine inside and out except for from the build server itself. All services must be able to work using external URLs. If I use http:// buildserver.mydomain.com:4800/tfs (the external URL) from my notebook which is behind the firewall I'm able to login with my domain credentials as expected. If the other developer points to the same URL from their home which isn't on the domain they are also able to login using their domain credentials. However if I am directly on buildserver and call SharePoint, TFS or Reporting Server from (i.e. http:// buildserver.mydomain.com:4800) itself using the external URL, I am prompted for a username and password. Entering my domain credentials results in another prompt to enter my credentials again. It will prompt three times regardless of which credentials are used (I have rights as a domain admin) and then after the third prompt directs me to a blank white page as though access was denied. There are no errors displayed on the page and nothing ends up in the event viewer. From buildserver if i use just the host name (the internal URL), then I'm prompted a single time for credentials and it works. i.e. http:// buildserver:4800/tfs works from the server itself. The behavior is identical for any service requiring authentication. Meaning from the box itself Sharepoint Central Admin, SharePoint WebApp, TFS, TFS Web Access, Report Server and Report Manager all fail using the external URL but will succeed if called using the interal URL. So the problem comes into play when configuring all of the services to work together. The only way to configure TFS is locally from the server which means I must point to the internal reporting server url (http:// buildserver:4800/reports and reportServer respectively instead of http:// buildserver.domainname.com:4800 like they need to be) since external URLs aren't working from itself. If I configure TFS to use the internal URL for Report Server then creating team projects or working in the SharePoint site for the team project fails for anyone not inside the domain since their machines have no idea who http:// buildserver:/reports even is or how to resolve them. I have configured Sharepoint with Alternate Access Mappings as well as set up Report Server to listen for external URLs. The external URLs simply aren't working when called from the server itself. I hope this makes sense. Thanks for taking the time to read this rather verbose plea for help.

    Read the article

  • Authenticating a Server with Digital Signatures

    - by TomS
    I understand how Non-repudiation and Integrity are achieved with Digital Signatures, but it's the Authentication that I don't grasp yet. I'm developing a Client-Server application in C#, that should be capable of Authentication with Digital Certificates and Digital Signatures. I know how to check the validity and integrity of a Signature (with SignedCms.CheckSignature()), but how does this authenticates any of the parts involved? For example: The client asks the Server for a Digital Signature, The client receives the signature and validates it, If the validation succeeds, continue. The client could be a victim of a man-in-the middle attack and receive a valid signature in step 2. The validation would succeed, but the client wouldn't be talking to the right server. What am I missing?

    Read the article

  • FormsAuthentication redirecting to login page when visiting root of website

    - by Ryan Lattimer
    I wanted to use FormsAuthentication to secure my static files as well on my site, so I followed the instructions located here http://learn.iis.net/page.aspx/244/how-to-take-advantage-of-the-iis7-integrated-pipeline/ under title "Enabling Forms Authentication for the Entire Application". Now though, when I try to visit the site by going directly to http://www.mysite.com I get redirected to http://www.mysite.com/Login.aspx?ReturnUrl=%2f instead of it using my DefaultDocument I have set. I can go to my default document by just visiting http://www.mysite.com/Home.aspx without any issues because it is set to allow anonymous access. Is there something I need to add into my web.config file to make iis7 allow anonymous access to the root? I tried adding with anonymous access but no such luck. Any help would be much appreciated. Both Home and the Login form allow anonymous. <location path="Home.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> <location path="Login.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> Login form is set as the loginUrl <authentication mode="Forms"> <forms protection="All" loginUrl="Login.aspx"> </forms> </authentication> Default document is set as Home.aspx <defaultDocument> <files> <add value="Home.aspx" /> </files> </defaultDocument> I have not removed any of the iis7 default documents. However, Home.aspx is first in the priority.

    Read the article

  • How to expose MEX when I need the service to have NTLM authentication

    - by Ram Amos
    I'm developing a WCF service that is RESTful and SOAP, now both of them needs to be with NTLM authentication. I also want to expose a MEX endpoint so that others can easily reference the service and work with it. Now when I set IIS to require windows authentication I can use the REST service and make calls to the service succesfully, but when I want to reference the service with SVCUTIL it throws an error that it requires to be anonymous. Here's my web.config: <system.serviceModel> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/> <bindings> <basicHttpBinding> <binding name="basicHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </basicHttpBinding> <webHttpBinding> <binding name="webHttpBinding" maxReceivedMessageSize="214748563" maxBufferSize="214748563" maxBufferPoolSize="214748563"> <security mode="TransportCredentialOnly"> <transport clientCredentialType="Ntlm"> </transport> </security> </binding> </webHttpBinding> <mexHttpBinding> <binding name="mexHttpBinding"></binding> </mexHttpBinding> </bindings> <standardEndpoints> <webHttpEndpoint> <standardEndpoint name="" automaticFormatSelectionEnabled="true" helpEnabled="True"> </standardEndpoint> </webHttpEndpoint> </standardEndpoints> <services> <service name="Intel.ResourceScheduler.Service" behaviorConfiguration="Meta"> <clear /> <endpoint address="soap" name="SOAP" binding="basicHttpBinding" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" listenUriMode="Explicit" /> <endpoint address="" name="rest" binding="webHttpBinding" behaviorConfiguration="REST" contract="Intel.ResourceScheduler.Service.IResourceSchedulerService" /> <endpoint address="mex" name="mex" binding="mexHttpBinding" behaviorConfiguration="" contract="IMetadataExchange" /> </service> </services> <behaviors> <endpointBehaviors> <behavior name="REST"> <webHttp /> </behavior> <behavior name="WCFBehavior"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> </endpointBehaviors> <serviceBehaviors> <behavior name="Meta"> <serviceMetadata httpGetEnabled="true"/> </behavior> <behavior name="REST"> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name="WCFBehavior"> <serviceMetadata httpGetEnabled="true"/> <dataContractSerializer maxItemsInObjectGraph="2147483647" /> </behavior> <behavior name=""> <!-- To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment --> <serviceMetadata httpGetEnabled="true" /> <!-- To receive exception details in faults for debugging purposes, set the value below to true. Set to false before deployment to avoid disclosing exception information --> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> Any help will be appreciated.

    Read the article

  • One click login to my google apps solution how can I do it?

    - by Ali
    Hi guys I'm developing a google apps solution and I'm building on the tutorial application give by google at http://code.google.com/googleapps/marketplace/tutorial_php.html - the thing is that the example given sets up the application such that the user has to enter in manually the email address or username and then it takes the user through an authentication process whereby it asks the user if they wish to allow the application to be given access to the services mentioned in the manifest.xml file. Isn't there a better way to do this I mean like I want that when the user upon logging into his google apps account just has to click in the application link installed and straight on should be able to enter the application. Can't the process of authentication and all be transparent in the backdrop. I need help on this asap. Thanks a bunch!

    Read the article

  • PyDev and Django: how to restart dev server?

    - by Rosarch
    I'm new to Django. I think I'm making a simple mistake. I launched the dev server with Pydev: RClick on project Django Custom command runserver The server came up, and everything was great. But now I'm trying to stop it, and can't figure out how. I stopped the process in the PyDev console, and closed Eclipse, but web pages are still being served from http://127.0.0.1:8000. I launched and quit the server from the command line normally: python manage.py runserver But the server is still up. What am I doing wrong here?

    Read the article

  • anonymous access disabled but...

    - by Melody Friedenthal
    My web app (asp VB 2005) uses Windows authentication. If the user isn't part of a specific AD security group they don't get to edit the data; instead I redirect the user to a read-only page. The program works fine in the IDE. I published the web app to my laptop and Disabled anonymous access. When I ran the program I got redirected to the read-only page. I added a write event to the application event log to see what was going on, and found that the WindowsPrincipal.Identity.Name contained my laptop's ID, not my user name. I reassert: anonymous access is disabled in IIS and the web.config file has Windows Authentication. Can anyone suggest what else to check? Or can you explain what's going on?

    Read the article

  • Transport Security with Certificate Authentication

    - by Brian T
    I'm getting the following error when I access my webservice localhost/MyService/MyService.svc The SSL settings for the service 'SslRequireCert' does not match those of the IIS 'Ssl, SslNegotiateCert'. I've following the web.config examples as specified in http://msdn.microsoft.com/en-us/library/ms731074.aspx Here is my wcf server web.config: <?xml version="1.0" encoding="UTF-8"?> <configuration xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0"> <appSettings /> <system.web> <identity impersonate="false" /> <roleManager enabled="true" /> <authentication mode="Windows" /> <customErrors mode="Off" /> <webServices> <protocols> <add name="HttpGet" /> <add name="HttpPost" /> </protocols> </webServices> </system.web> <system.webServer> <directoryBrowse enabled="true" /> <validation validateIntegratedModeConfiguration="false" /> <security> <authorization> <remove users="*" roles="" verbs="" /> <add accessType="Allow" users="*" roles="" /> </authorization> </security> </system.webServer> <system.serviceModel> <services> <service name="AspNetSqlProviderService" behaviorConfiguration="MyServiceBehavior"> <endpoint binding="wsHttpBinding" contract="Interface1" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint binding="wsHttpBinding" contract="Interface2" bindingConfiguration="CertificateWithTransportWSHttpBinding" /> <endpoint address="mex" binding="wsHttpBinding" bindingConfiguration="CertificateWithTransportWSHttpBinding" name="Metadata_Exchange" contract="IMetadataExchange" /> </service> </services> <behaviors> <serviceBehaviors> <behavior name="MyServiceBehavior"> <serviceDebug includeExceptionDetailInFaults="True" /> <serviceMetadata /> <serviceCredentials> <clientCertificate> <authentication trustedStoreLocation="LocalMachine" revocationMode="Online"/> </clientCertificate> </serviceCredentials> </behavior> </serviceBehaviors> </behaviors> <bindings> <wsHttpBinding> <binding name="CertificateWithTransportWSHttpBinding"> <security mode="Transport"> <transport clientCredentialType="Certificate" /> </security> </binding> </wsHttpBinding> </bindings> </system.serviceModel> </configuration> I've configured IIS as follows: https binding added using self signed certificate Under SSL settings, require SSL and accept client certificates is checked The self signed certificate has been added to the Local Computer Trusted Root CA. I can browse and execute the .asmx service definition, but the .svc gives me the error described above.

    Read the article

  • What are best practices for securing the admin section of a website?

    - by UpTheCreek
    I'd like to know what people consider best practice for securing the Admin sections of websites, specifically from an authentication/access point of view. Of course there are obvious things, such as using SSL and logging all access, but I'm wondering just where above these basic steps people consider the bar to be set. For example: Are you just relying on the same authentication mechanism that you use for normal users? If not, what? Are you running the Admin section in the same 'application domain'? What steps do you take to make the admin section undiscovered? (or do you reject the while 'obscurity' thing)

    Read the article

  • Smart Client App: How to give Different Settings for Different Users

    - by Daniel
    Hi! I have a smart client application being deployed with a CickOnce webpage. here's the current scenario. User runs the application, and the application shows a login form. User enters ID/Password in the login form, and the application sends that information to the server. The server authenticates the user and sends configuration and data to the application. Different users have different configuration and data for their application. I was concerned that anyone can download the application from the webpage if they know the URL. So I'm trying to change the authentication scheme, so that users can login at the webpage to download the application. I want to send the authentication info from the webpage(Program running at the server) to the smart client app, so that application can download the configuration information from the server, without prompting users to make a login again. How can the webpage send the ID/Passoword to the application securely?

    Read the article

  • Preferred Method Of Application Purchase

    - by Chuck
    This is more of a "programmers" question, but felt that it was technical enough to belong on Stack Overflow instead. I'm launching an application soon that will follow the shareware model of purchase. I've thought about implementing this in a few ways: Limited access to the application until they purchase Full access to the application but expires after 30 day, requiring them to purchase to retain utility. Full access to the application indefinitely, but with a 10-15 second pop-up box on start-up asking them to register -- like mIRC does (or used to do). The method of authentication will be web-based. I'll provide them with an authentication key and they'll put it in the application. Whenever the application boots up, it'll check my web service and determine whether the application is genuine or not. This isn't my question. My question is: Is there a preferred method of implementation? I'd like to piss off the users as little as possible, but I'd also like to get paid for my work.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 151 152 153 154 155 156 157 158 159 160 161 162  | Next Page >